Gartner recently estimated that by 2020, the number of Internet-connected objects will increase by 30 times, making the Internet of Things (IoT) a game changer for both businesses and consumers. While the rate of IoT adoption is starting, the security implications are horrifying. A global study conducted by Aruba Networks across more than 3,000 companies found that 84 percent of companies have already experienced some sort of IoT breach. The biggest attack vector was malware, which accounted for almost 50 percent of IoT breaches reported in the survey.
The Internet of Things (IoT) refers to the networking of physical objects that are designed with an IP address for Internet connectivity. These objects communicate with each other and other Internet-enabled devices and systems and have historically been ‘dumb devices’ that stood alone. Today, IoT products span a wide range of devices including cars, refrigerators, medical devices, sensors, home control functions (lights, thermostats), etc.
“Security by design is a mandatory prerequisite to securing the IoT macrocosm, the Dyn attack was just a practice run.” – James Scott, Sr. Fellow, Institute for Critical Infrastructure Technology
There are several challenges ahead of us on the IoT landscape. First, IoT devices were not designed for security, they were designed for ease of use and accessibility. Second, because these devices are deployed by the end consumer, they install the devices with the default configuration. Last, IoT manufacturers have not given much thought to integrating security into their devices.